package com.cskaoyan.login;

import com.cskaoyan.utils.JDBCUtils;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

/**
 * Created: 2021/11/23 15:03
 *
 * @author ciggar
 * Simulates a login scenario.
 */
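public class LoginDemo1 {

    /**
     * Runs the login demo with an input that contains SQL quote characters
     * and prints whether the login succeeded.
     *
     * @param args unused
     * @throws SQLException if the database call made by {@link #login} fails
     */
    public static void main(String[] args) throws SQLException {

        // Presumably a valid account in the demo database:
        // Boolean ret = login("天明", "upan");

        // An ordinary user supplying credentials that do not match:
        // Boolean ret = login("xxx", "xxx");

        // A password value containing a quote and an OR clause. When the query
        // was assembled by string concatenation, this value became part of the
        // SQL text and changed the WHERE clause, so the check passed without
        // valid credentials. Bound as a parameter it is compared as a literal
        // string, so this call is expected to report a failed login.
        Boolean ret = login("", "xxx' or '1=1");

        if (ret) {
            System.out.println("登录成功……");
        } else {
            System.out.println("登录失败……");
        }

    }

    /**
     * Checks whether a row in the {@code user} table matches the given name
     * and password.
     *
     * <p>The query is a {@link PreparedStatement} with bound parameters, so
     * caller-supplied text is always treated as data and can never alter the
     * structure of the SQL statement.
     *
     * <p>NOTE(review): the query compares the supplied password directly with
     * the {@code password} column, which suggests passwords are stored in
     * plaintext. Confirm against the schema; a production system should store
     * a salted password hash (bcrypt/scrypt/argon2) and verify it in
     * application code.
     *
     * @param username the account name to look up
     * @param password the password to compare with the stored value
     * @return {@code true} if at least one matching row exists, otherwise {@code false}
     * @throws SQLException if obtaining the connection or running the query fails
     */
    public static Boolean login(String username, String password) throws SQLException {

        // Placeholders keep user input out of the SQL text entirely.
        String sql = "select * from user where name = ? and password = ?";

        // Only the statement template is printed; the supplied credentials are
        // deliberately kept out of console output.
        System.out.println(sql);

        // try-with-resources closes the result set, statement and connection in
        // reverse order even when an exception is thrown, so no handle leaks on
        // the failure path.
        try (Connection connection = JDBCUtils.getConnection();
             PreparedStatement statement = connection.prepareStatement(sql)) {

            statement.setString(1, username);
            statement.setString(2, password);

            try (ResultSet resultSet = statement.executeQuery()) {
                // Any returned row means the credentials matched.
                return resultSet.next();
            }
        }

    }

}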
